@vellumai/assistant 0.6.1 → 0.6.2

package/src/__tests__/conversation-analysis-routes.test.ts

@@ -0,0 +1,169 @@
+import { beforeEach, describe, expect, mock, test } from "bun:test";
+
+mock.module("../util/logger.js", () => ({
+  getLogger: () =>
+    new Proxy({} as Record<string, unknown>, {
+      get: () => () => {},
+    }),
+}));
+
+const mockResolveConversationId = mock((id: string) => id);
+const mockGetConversation = mock(() => ({
+  id: "conv-1",
+  title: "Source",
+  conversationType: "normal",
+}));
+const mockGetMessages = mock(() => [{ id: "m-source" }]);
+const mockCreateConversation = mock(() => ({ id: "analysis-1" }));
+const mockAddMessage = mock(async () => ({ id: "msg-1" }));
+
+mock.module("../memory/conversation-key-store.js", () => ({
+  resolveConversationId: mockResolveConversationId,
+}));
+
+mock.module("../memory/conversation-crud.js", () => ({
+  getConversation: mockGetConversation,
+  getMessages: mockGetMessages,
+  createConversation: mockCreateConversation,
+  addMessage: mockAddMessage,
+}));
+
+mock.module("../export/transcript-formatter.js", () => ({
+  buildAnalysisTranscript: () => "user: hi",
+}));
+
+import { AssistantEventHub } from "../runtime/assistant-event-hub.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../runtime/assistant-scope.js";
+import type { SendMessageDeps } from "../runtime/http-types.js";
+import { conversationAnalysisRouteDefinitions } from "../runtime/routes/conversation-analysis-routes.js";
+
+beforeEach(() => {
+  mockResolveConversationId.mockClear();
+  mockGetConversation.mockClear();
+  mockGetMessages.mockClear();
+  mockCreateConversation.mockClear();
+  mockAddMessage.mockClear();
+});
+
+function makeConversation() {
+  return {
+    setTrustContext: mock(() => {}),
+    ensureActorScopedHistory: mock(() => Promise.resolve()),
+    setSubagentAllowedTools: mock(() => {}),
+    updateClient: mock(() => {}),
+    processing: false,
+    abortController: null as AbortController | null,
+    currentRequestId: null as string | null,
+    runAgentLoop: mock(() => Promise.resolve()),
+  };
+}
+
+describe("POST /v1/conversations/:id/analyze", () => {
+  test("runs headless analysis with unknown trust and no tools when no subscriber is present", async () => {
+    const conversation = makeConversation();
+    const assistantEventHub = new AssistantEventHub();
+    const sendMessageDeps = {
+      getOrCreateConversation: mock(async () => conversation),
+      assistantEventHub,
+      resolveAttachments: () => [],
+    } as unknown as SendMessageDeps;
+
+    const routes = conversationAnalysisRouteDefinitions({
+      sendMessageDeps,
+      buildConversationDetailResponse: () => ({ id: "analysis-1" }),
+    });
+    const route = routes.find(
+      (r) => r.method === "POST" && r.endpoint === "conversations/:id/analyze",
+    );
+    if (!route) throw new Error("analyze route missing");
+
+    const req = new Request("http://localhost/v1/conversations/conv-1/analyze", {
+      method: "POST",
+    });
+
+    const res = await route.handler({
+      req,
+      url: new URL(req.url),
+      server: null as never,
+      authContext: {} as never,
+      params: { id: "conv-1" },
+    });
+
+    expect(res.status).toBe(200);
+    expect(mockAddMessage).toHaveBeenCalledWith(
+      "analysis-1",
+      "user",
+      expect.any(String),
+      { provenanceTrustClass: "unknown" },
+    );
+    expect(conversation.setTrustContext).toHaveBeenCalledWith({
+      trustClass: "unknown",
+      sourceChannel: "vellum",
+    });
+    expect(conversation.ensureActorScopedHistory).toHaveBeenCalledTimes(1);
+    expect(conversation.setSubagentAllowedTools).toHaveBeenCalledTimes(1);
+    const allowedTools = (
+      conversation.setSubagentAllowedTools.mock.calls as unknown as Array<
+        [Set<string> | undefined]
+      >
+    )[0]?.[0];
+    expect(allowedTools).toBeInstanceOf(Set);
+    expect(allowedTools?.size).toBe(0);
+    expect(conversation.updateClient).toHaveBeenCalledWith(
+      expect.any(Function),
+      true,
+    );
+    expect(conversation.runAgentLoop).toHaveBeenCalledWith(
+      expect.any(String),
+      "msg-1",
+      expect.any(Function),
+      expect.objectContaining({ isInteractive: false, isUserMessage: true }),
+    );
+  });
+
+  test("marks analysis interactive when a matching subscriber is already connected", async () => {
+    const conversation = makeConversation();
+    const assistantEventHub = new AssistantEventHub();
+    assistantEventHub.subscribe(
+      { assistantId: DAEMON_INTERNAL_ASSISTANT_ID },
+      () => {},
+    );
+    const sendMessageDeps = {
+      getOrCreateConversation: mock(async () => conversation),
+      assistantEventHub,
+      resolveAttachments: () => [],
+    } as unknown as SendMessageDeps;
+
+    const routes = conversationAnalysisRouteDefinitions({
+      sendMessageDeps,
+      buildConversationDetailResponse: () => ({ id: "analysis-1" }),
+    });
+    const route = routes.find(
+      (r) => r.method === "POST" && r.endpoint === "conversations/:id/analyze",
+    );
+    if (!route) throw new Error("analyze route missing");
+
+    const req = new Request("http://localhost/v1/conversations/conv-1/analyze", {
+      method: "POST",
+    });
+
+    await route.handler({
+      req,
+      url: new URL(req.url),
+      server: null as never,
+      authContext: {} as never,
+      params: { id: "conv-1" },
+    });
+
+    expect(conversation.updateClient).toHaveBeenCalledWith(
+      expect.any(Function),
+      false,
+    );
+    expect(conversation.runAgentLoop).toHaveBeenCalledWith(
+      expect.any(String),
+      "msg-1",
+      expect.any(Function),
+      expect.objectContaining({ isInteractive: true, isUserMessage: true }),
+    );
+  });
+});

package/src/__tests__/conversation-directories-parse.test.ts

@@ -0,0 +1,105 @@
+import { describe, expect, test } from "bun:test";
+
+import {
+  getConversationDirName,
+  parseConversationDirName,
+} from "../memory/conversation-directories.js";
+
+describe("parseConversationDirName", () => {
+  describe("round-trip with getConversationDirName", () => {
+    test("round-trips a UUID-shaped id", () => {
+      const id = "4ae7ea90-86e4-446a-8673-7bba94ecfea1";
+      const createdAtMs = Date.parse("2026-04-07T10:47:23.075Z");
+      const name = getConversationDirName(id, createdAtMs);
+      const parsed = parseConversationDirName(name);
+      expect(parsed).toEqual({ conversationId: id, createdAtMs });
+    });
+
+    test("round-trips an id with embedded hyphens", () => {
+      const id = "conv-with-hyphens-123";
+      const createdAtMs = Date.parse("2024-01-15T00:00:00.000Z");
+      const name = getConversationDirName(id, createdAtMs);
+      const parsed = parseConversationDirName(name);
+      expect(parsed).toEqual({ conversationId: id, createdAtMs });
+    });
+
+    test("round-trips an id with embedded underscores", () => {
+      const id = "foo_bar_baz";
+      const createdAtMs = Date.parse("2025-12-31T23:59:59.999Z");
+      const name = getConversationDirName(id, createdAtMs);
+      const parsed = parseConversationDirName(name);
+      expect(parsed).toEqual({ conversationId: id, createdAtMs });
+    });
+  });
+
+  describe("exact parsing against literal example", () => {
+    test("parses the canonical example from the spec", () => {
+      const name =
+        "2026-04-07T10-47-23.075Z_4ae7ea90-86e4-446a-8673-7bba94ecfea1";
+      const parsed = parseConversationDirName(name);
+      expect(parsed).not.toBeNull();
+      expect(parsed?.conversationId).toBe(
+        "4ae7ea90-86e4-446a-8673-7bba94ecfea1",
+      );
+      expect(parsed?.createdAtMs).toBe(Date.parse("2026-04-07T10:47:23.075Z"));
+    });
+  });
+
+  describe("returns null for malformed input", () => {
+    test("returns null for empty string", () => {
+      expect(parseConversationDirName("")).toBeNull();
+    });
+
+    test("returns null for missing underscore", () => {
+      expect(parseConversationDirName("2026-04-07T10-47-23.075Z")).toBeNull();
+    });
+
+    test("returns null for legacy format (id first, timestamp second)", () => {
+      expect(
+        parseConversationDirName(
+          "4ae7ea90-86e4-446a-8673-7bba94ecfea1_2026-04-07T10-47-23.075Z",
+        ),
+      ).toBeNull();
+    });
+
+    test("returns null for non-ISO prefix", () => {
+      expect(parseConversationDirName("hello_world")).toBeNull();
+    });
+
+    test("returns null for random garbage", () => {
+      expect(parseConversationDirName("drafts/foo")).toBeNull();
+    });
+
+    test("returns null when the conversation id is '.'", () => {
+      expect(parseConversationDirName("2025-01-15T00-00-00.000Z_.")).toBeNull();
+    });
+
+    test("returns null when the conversation id is '..'", () => {
+      expect(
+        parseConversationDirName("2025-01-15T00-00-00.000Z_.."),
+      ).toBeNull();
+    });
+
+    test("returns null when the conversation id contains a forward slash", () => {
+      expect(
+        parseConversationDirName("2025-01-15T00-00-00.000Z_foo/bar"),
+      ).toBeNull();
+    });
+
+    test("returns null when the conversation id contains a backslash", () => {
+      expect(
+        parseConversationDirName("2025-01-15T00-00-00.000Z_foo\\bar"),
+      ).toBeNull();
+    });
+  });
+
+  describe("ids containing underscores", () => {
+    test("captures everything after the timestamp as the conversationId", () => {
+      const name = "2026-04-07T10-47-23.075Z_my_test_id";
+      const parsed = parseConversationDirName(name);
+      expect(parsed).not.toBeNull();
+      expect(parsed?.conversationId).toBe("my_test_id");
+      expect(parsed?.createdAtMs).toBe(Date.parse("2026-04-07T10:47:23.075Z"));
+    });
+  });
+});

package/src/__tests__/credential-execution-approval-bridge.test.ts

@@ -95,7 +95,6 @@ function makePrompter(
       allowlistOptions: unknown[],
       scopeOptions: unknown[],
       diff: unknown,
-      sandboxed: unknown,
       sessionId: string | undefined,
       executionTarget: unknown,
       persistentDecisionsAllowed: unknown,
@@ -109,7 +108,6 @@ function makePrompter(
         allowlistOptions,
         scopeOptions,
         diff,
-        sandboxed,
         sessionId,
         executionTarget,
         persistentDecisionsAllowed,

package/src/__tests__/init-feature-flag-overrides.test.ts

@@ -0,0 +1,167 @@
+/**
+ * Tests for initFeatureFlagOverrides() — the async gateway fetch that
+ * pre-populates the feature flag cache before CLI program construction.
+ */
+import { afterEach, beforeEach, describe, expect, it } from "bun:test";
+
+import {
+  clearFeatureFlagOverridesCache,
+  initFeatureFlagOverrides,
+  isAssistantFeatureFlagEnabled,
+} from "../config/assistant-feature-flags.js";
+import * as tokenService from "../runtime/auth/token-service.js";
+import { getMockFetchCalls, mockFetch, resetMockFetch } from "./mock-fetch.js";
+
+const VALID_HEX_KEY = "ab".repeat(32);
+
+beforeEach(() => {
+  clearFeatureFlagOverridesCache();
+  tokenService._resetSigningKeyForTesting();
+
+  // Set up a signing key so mintEdgeRelayToken() works
+  process.env.ACTOR_TOKEN_SIGNING_KEY = VALID_HEX_KEY;
+  tokenService.initAuthSigningKey(tokenService.resolveSigningKey());
+});
+
+afterEach(() => {
+  resetMockFetch();
+  clearFeatureFlagOverridesCache();
+  tokenService._resetSigningKeyForTesting();
+  delete process.env.ACTOR_TOKEN_SIGNING_KEY;
+});
+
+describe("initFeatureFlagOverrides", () => {
+  it("populates cache from gateway fetch response", async () => {
+    mockFetch(
+      "/v1/feature-flags",
+      { method: "GET" },
+      {
+        body: {
+          flags: [
+            {
+              key: "foo-enabled",
+              enabled: true,
+              label: "Foo",
+              defaultEnabled: false,
+              description: "",
+            },
+            {
+              key: "bar-enabled",
+              enabled: true,
+              label: "Bar",
+              defaultEnabled: true,
+              description: "",
+            },
+          ],
+        },
+        status: 200,
+      },
+    );
+
+    await initFeatureFlagOverrides();
+
+    const config = {} as any;
+    expect(isAssistantFeatureFlagEnabled("foo-enabled", config)).toBe(true);
+    expect(isAssistantFeatureFlagEnabled("bar-enabled", config)).toBe(true);
+
+    // Verify fetch was called with correct URL and auth header
+    const calls = getMockFetchCalls();
+    expect(calls.length).toBe(1);
+    expect(calls[0].path).toContain("/v1/feature-flags");
+    const headers = calls[0].init.headers as Record<string, string> | undefined;
+    expect(headers).toHaveProperty("Authorization");
+  });
+
+  it("sends a valid Bearer JWT in the Authorization header", async () => {
+    mockFetch(
+      "/v1/feature-flags",
+      { method: "GET" },
+      { body: { flags: [] }, status: 200 },
+    );
+
+    await initFeatureFlagOverrides();
+
+    const calls = getMockFetchCalls();
+    expect(calls.length).toBe(1);
+    const headers = calls[0].init.headers as Record<string, string> | undefined;
+    const authHeader = headers?.Authorization;
+
+    expect(authHeader).toBeDefined();
+    expect(authHeader).toMatch(/^Bearer /);
+
+    // Verify it's a valid JWT (three dot-separated base64url segments)
+    const token = authHeader!.replace("Bearer ", "");
+    const parts = token.split(".");
+    expect(parts.length).toBe(3);
+  });
+
+  it("falls back gracefully when gateway is unreachable", async () => {
+    mockFetch("/v1/feature-flags", { method: "GET" }, { status: 500 });
+
+    // Should not throw
+    await initFeatureFlagOverrides();
+
+    // Without gateway data or file, undeclared flags default to true
+    const config = {} as any;
+    expect(isAssistantFeatureFlagEnabled("foo-enabled", config)).toBe(true);
+  });
+
+  it("falls back gracefully on non-OK HTTP status", async () => {
+    mockFetch(
+      "/v1/feature-flags",
+      { method: "GET" },
+      { body: "Unauthorized", status: 401 },
+    );
+
+    await initFeatureFlagOverrides();
+
+    // Undeclared flags default to true without overrides
+    const config = {} as any;
+    expect(isAssistantFeatureFlagEnabled("foo-enabled", config)).toBe(true);
+  });
+
+  it("initializes signing key lazily when not yet set", async () => {
+    // Reset signing key to simulate fresh CLI subprocess
+    tokenService._resetSigningKeyForTesting();
+    delete process.env.ACTOR_TOKEN_SIGNING_KEY;
+
+    expect(tokenService.isSigningKeyInitialized()).toBe(false);
+
+    mockFetch(
+      "/v1/feature-flags",
+      { method: "GET" },
+      {
+        body: {
+          flags: [{ key: "expected-enabled", enabled: true }],
+        },
+        status: 200,
+      },
+    );
+
+    await initFeatureFlagOverrides();
+
+    // Signing key should have been initialized during the fetch
+    expect(tokenService.isSigningKeyInitialized()).toBe(true);
+
+    // And the flag should be resolved correctly
+    const config = {} as any;
+    expect(isAssistantFeatureFlagEnabled("expected-enabled", config)).toBe(
+      true,
+    );
+  });
+
+  it("does not cache empty gateway response", async () => {
+    mockFetch(
+      "/v1/feature-flags",
+      { method: "GET" },
+      { body: { flags: [] }, status: 200 },
+    );
+
+    await initFeatureFlagOverrides();
+
+    // Undeclared flags without overrides default to true (not false from
+    // a cached empty map)
+    const config = {} as any;
+    expect(isAssistantFeatureFlagEnabled("foo-enabled", config)).toBe(true);
+  });
+});

package/src/__tests__/inline-command-runner.test.ts

@@ -11,7 +11,6 @@ const mockConfig = {
   model: "test",
   maxTokens: 4096,
   dataDir: "/tmp",
-  sandbox: { enabled: true },
   timeouts: {
     shellDefaultTimeoutSec: 120,
     shellMaxTimeoutSec: 600,
@@ -104,20 +103,23 @@ describe("runInlineCommand", () => {
   // ── Sandbox enforcement ──────────────────────────────────────────────────
 
   describe("sandbox enforcement", () => {
-    test("always passes sandbox config with enabled=true", async () => {
+    test("always passes sandbox config with enabled=false", async () => {
       lastWrapCall = null;
       await runInlineCommand("echo sandbox-check", CWD);
 
       expect(lastWrapCall).not.toBeNull();
-      expect(lastWrapCall!.config.enabled).toBe(true);
+      expect(lastWrapCall!.config.enabled).toBe(false);
     });
 
-    test("always passes networkMode=off", async () => {
+    test("does not pass networkMode when sandbox is disabled", async () => {
       lastWrapCall = null;
       await runInlineCommand("echo network-check", CWD);
 
       expect(lastWrapCall).not.toBeNull();
-      expect(lastWrapCall!.options?.networkMode).toBe("off");
+      // networkMode is a no-op when sandbox is disabled (wrapCommand returns
+      // a plain bash invocation), so it is not passed. Network isolation is
+      // provided by the Docker/platform-managed container.
+      expect(lastWrapCall!.options).toBeUndefined();
     });
 
     test("uses the provided workingDir as cwd", async () => {

package/src/__tests__/log-export-workspace.test.ts

@@ -93,6 +93,35 @@ writeFileSync(
   JSON.stringify({ provider: "anthropic" }),
 );
 
+// Conversation directories — used for workspace allowlist tests
+const conversationsDir = join(testWorkspaceDir, "conversations");
+mkdirSync(conversationsDir, { recursive: true });
+
+function seedConversation(name: string, body: string) {
+  const dir = join(conversationsDir, name);
+  mkdirSync(dir, { recursive: true });
+  writeFileSync(join(dir, "meta.json"), "{}\n");
+  writeFileSync(join(dir, "messages.jsonl"), body);
+}
+
+seedConversation(
+  "2025-01-10T00-00-00.000Z_conv-jan10",
+  '{"role":"user","content":"jan 10"}\n',
+);
+seedConversation(
+  "2025-01-15T00-00-00.000Z_conv-jan15",
+  '{"role":"user","content":"jan 15"}\n',
+);
+seedConversation(
+  "2025-01-20T00-00-00.000Z_conv-jan20",
+  '{"role":"user","content":"jan 20"}\n',
+);
+seedConversation(
+  "2025-01-25T00-00-00.000Z_conv-jan25",
+  '{"role":"user","content":"jan 25"}\n',
+);
+seedConversation("malformed-name", '{"role":"user","content":"x"}\n');
+
 // Daemon log files — used for date filtering tests
 const logsDir = join(testWorkspaceDir, "data", "logs");
 mkdirSync(logsDir, { recursive: true });
@@ -241,3 +270,164 @@ describe("POST /v1/export — daemon log date filtering", () => {
     }
   });
 });
+
+describe("POST /v1/export — workspace allowlist", () => {
+  test("includes all valid conversation dirs by default", async () => {
+    const res = await callExport();
+    const dir = await extractArchive(res);
+    try {
+      const convs = readdirSync(join(dir, "workspace", "conversations"));
+      expect(convs).toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(convs).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(convs).toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(convs).toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+      expect(convs).not.toContain("malformed-name");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("skips malformed conversation dir names", async () => {
+    const res = await callExport();
+    const dir = await extractArchive(res);
+    try {
+      const convs = readdirSync(join(dir, "workspace", "conversations"));
+      expect(convs).not.toContain("malformed-name");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("filters conversation dirs by startTime", async () => {
+    const startTime = Date.parse("2025-01-14T00:00:00Z");
+    const res = await callExport({ startTime });
+    const dir = await extractArchive(res);
+    try {
+      const convs = readdirSync(join(dir, "workspace", "conversations"));
+      expect(convs).not.toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(convs).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(convs).toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(convs).toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("filters conversation dirs by endTime", async () => {
+    const endTime = Date.parse("2025-01-22T00:00:00Z");
+    const res = await callExport({ endTime });
+    const dir = await extractArchive(res);
+    try {
+      const convs = readdirSync(join(dir, "workspace", "conversations"));
+      expect(convs).toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(convs).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(convs).toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(convs).not.toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("filters conversation dirs by both startTime and endTime", async () => {
+    const startTime = Date.parse("2025-01-14T00:00:00Z");
+    const endTime = Date.parse("2025-01-22T00:00:00Z");
+    const res = await callExport({ startTime, endTime });
+    const dir = await extractArchive(res);
+    try {
+      const convs = readdirSync(join(dir, "workspace", "conversations"));
+      expect(convs).not.toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(convs).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(convs).toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(convs).not.toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("filters conversation dirs by conversationId", async () => {
+    const res = await callExport({ conversationId: "conv-jan15" });
+    const dir = await extractArchive(res);
+    try {
+      const convs = readdirSync(join(dir, "workspace", "conversations"));
+      expect(convs).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(convs).not.toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(convs).not.toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(convs).not.toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+      expect(convs).not.toContain("malformed-name");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("conversationId + time filter intersect", async () => {
+    const res = await callExport({
+      conversationId: "conv-jan15",
+      startTime: Date.parse("2025-02-01T00:00:00Z"),
+    });
+    const dir = await extractArchive(res);
+    try {
+      const conversationsPath = join(dir, "workspace", "conversations");
+      let convs: string[] = [];
+      try {
+        convs = readdirSync(conversationsPath);
+      } catch {
+        // Directory does not exist — acceptable per the test contract.
+      }
+      expect(convs).toEqual([]);
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("conversation dir contents survive the round trip", async () => {
+    const res = await callExport();
+    const dir = await extractArchive(res);
+    try {
+      const messagesPath = join(
+        dir,
+        "workspace",
+        "conversations",
+        "2025-01-15T00-00-00.000Z_conv-jan15",
+        "messages.jsonl",
+      );
+      const content = readFileSync(messagesPath, "utf-8");
+      expect(content).toBe('{"role":"user","content":"jan 15"}\n');
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("treats empty-string conversationId as no filter", async () => {
+    const res = await callExport({ conversationId: "" });
+    const dir = await extractArchive(res);
+    try {
+      // With conversationId === "" (which the rest of handleExport treats as
+      // unfiltered), workspace conversations should also be unfiltered. All
+      // four canonical conversation dirs should be present.
+      const conversationsDir = join(dir, "workspace", "conversations");
+      const entries = readdirSync(conversationsDir);
+      expect(entries).toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(entries).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(entries).toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(entries).toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+
+  test("treats startTime=0 and endTime=0 as no filter", async () => {
+    const res = await callExport({ startTime: 0, endTime: 0 });
+    const dir = await extractArchive(res);
+    try {
+      const conversationsDir = join(dir, "workspace", "conversations");
+      const entries = readdirSync(conversationsDir);
+      // All four canonical conversation dirs should be present (no filtering).
+      expect(entries).toContain("2025-01-10T00-00-00.000Z_conv-jan10");
+      expect(entries).toContain("2025-01-15T00-00-00.000Z_conv-jan15");
+      expect(entries).toContain("2025-01-20T00-00-00.000Z_conv-jan20");
+      expect(entries).toContain("2025-01-25T00-00-00.000Z_conv-jan25");
+    } finally {
+      rmSync(dir, { recursive: true, force: true });
+    }
+  });
+});